diff options
| -rw-r--r-- | src/backend/commands/analyze.c | 4 | ||||
| -rw-r--r-- | src/backend/commands/command.c | 30 | ||||
| -rw-r--r-- | src/backend/commands/comment.c | 4 | ||||
| -rw-r--r-- | src/backend/commands/remove.c | 10 | ||||
| -rw-r--r-- | src/backend/commands/rename.c | 4 | ||||
| -rw-r--r-- | src/backend/commands/sequence.c | 8 | ||||
| -rw-r--r-- | src/backend/commands/trigger.c | 6 | ||||
| -rw-r--r-- | src/backend/commands/vacuum.c | 4 | ||||
| -rw-r--r-- | src/backend/executor/execMain.c | 4 | ||||
| -rw-r--r-- | src/backend/tcop/utility.c | 24 | ||||
| -rw-r--r-- | src/backend/utils/adt/acl.c | 4 | ||||
| -rw-r--r-- | src/include/config.h.in | 3 |
12 files changed, 24 insertions, 81 deletions
diff --git a/src/backend/commands/analyze.c b/src/backend/commands/analyze.c index 5b9847643b8..a83a5b7c3ab 100644 --- a/src/backend/commands/analyze.c +++ b/src/backend/commands/analyze.c @@ -8,7 +8,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/commands/analyze.c,v 1.7 2000/10/05 19:48:22 momjian Exp $ + * $Header: /cvsroot/pgsql/src/backend/commands/analyze.c,v 1.8 2000/10/16 17:08:05 momjian Exp $ * *------------------------------------------------------------------------- @@ -98,7 +98,6 @@ analyze_rel(Oid relid, List *anal_cols2, int MESSAGE_LEVEL) onerel = heap_open(relid, AccessShareLock); -#ifndef NO_SECURITY if (!pg_ownercheck(GetUserId(), RelationGetRelationName(onerel), RELNAME)) { @@ -110,7 +109,6 @@ analyze_rel(Oid relid, List *anal_cols2, int MESSAGE_LEVEL) CommitTransactionCommand(); return; } -#endif elog(MESSAGE_LEVEL, "Analyzing..."); diff --git a/src/backend/commands/command.c b/src/backend/commands/command.c index a9b16c009e4..67b5f1dc4cd 100644 --- a/src/backend/commands/command.c +++ b/src/backend/commands/command.c @@ -8,7 +8,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/commands/Attic/command.c,v 1.106 2000/10/10 17:13:30 momjian Exp $ + * $Header: /cvsroot/pgsql/src/backend/commands/Attic/command.c,v 1.107 2000/10/16 17:08:05 momjian Exp $ * * NOTES * The PerformAddAttribute() code, like most of the relation @@ -311,10 +311,8 @@ AlterTableAddColumn(const char *relationName, if (!allowSystemTableMods && IsSystemRelationName(relationName)) elog(ERROR, "ALTER TABLE: relation \"%s\" is a system catalog", relationName); -#ifndef NO_SECURITY if (!pg_ownercheck(GetUserId(), relationName, RELNAME)) elog(ERROR, "ALTER TABLE: permission denied"); -#endif /* * Grab an exclusive lock on the target table, which we will NOT @@ -1149,7 +1147,7 @@ AlterTableAddConstraint(char *relationName, scan = heap_beginscan(rel, false, SnapshotNow, 0, NULL); AssertState(scan != NULL); - /* + /* * We need to make a parse state and range table to allow * us to transformExpr and fix_opids to get a version of * the expression we can pass to ExecQual @@ -1195,7 +1193,7 @@ AlterTableAddConstraint(char *relationName, rte->eref->relname = relationName; rtlist = makeList1(rte); - /* + /* * Scan through the rows now, making the necessary things * for ExecQual, and then call it to evaluate the * expression. @@ -1224,13 +1222,13 @@ AlterTableAddConstraint(char *relationName, pfree(rte); heap_endscan(scan); - heap_close(rel, NoLock); + heap_close(rel, NoLock); - if (!successful) + if (!successful) { elog(ERROR, "AlterTableAddConstraint: rejected due to CHECK constraint %s", name); } - /* + /* * Call AddRelationRawConstraints to do the real adding -- * It duplicates some of the above, but does not check the * validity of the constraint against tuples already in @@ -1274,7 +1272,7 @@ AlterTableAddConstraint(char *relationName, pkrel = heap_openr(fkconstraint->pktable_name, AccessExclusiveLock); if (pkrel->rd_rel->relkind != RELKIND_RELATION) - elog(ERROR, "referenced table \"%s\" not a relation", + elog(ERROR, "referenced table \"%s\" not a relation", fkconstraint->pktable_name); /* @@ -1328,7 +1326,7 @@ AlterTableAddConstraint(char *relationName, } } if (found) - break; + break; indexStruct = NULL; } if (!found) @@ -1591,7 +1589,7 @@ AlterTableCreateToastTable(const char *relationName, bool silent) if (((Form_pg_class) GETSTRUCT(reltup))->reltoastrelid != InvalidOid) { - if (silent) + if (silent) { heap_close(rel, NoLock); heap_close(class_rel, NoLock); @@ -1601,14 +1599,14 @@ AlterTableCreateToastTable(const char *relationName, bool silent) elog(ERROR, "ALTER TABLE: relation \"%s\" already has a toast table", relationName); - } + } /* * Check to see whether the table actually needs a TOAST table. */ if (! needs_toast_table(rel)) { - if (silent) + if (silent) { heap_close(rel, NoLock); heap_close(class_rel, NoLock); @@ -1784,7 +1782,7 @@ LockTableCommand(LockStmt *lockstmt) if (rel->rd_rel->relkind != RELKIND_RELATION) elog(ERROR, "LOCK TABLE: %s is not a table", lockstmt->relname); - if (is_view(rel)) + if (is_view(rel)) elog(ERROR, "LOCK TABLE: cannot lock a view"); if (lockstmt->mode == AccessShareLock) @@ -1842,7 +1840,7 @@ is_view(Relation rel) while (HeapTupleIsValid(tuple = heap_getnext(scanDesc, 0))) { - if (tuple->t_data != NULL) + if (tuple->t_data != NULL) { data = (Form_pg_rewrite) GETSTRUCT(tuple); if (data->ev_type == '1') @@ -1856,6 +1854,6 @@ is_view(Relation rel) heap_endscan(scanDesc); heap_close(RewriteRelation, RowExclusiveLock); - + return retval; } diff --git a/src/backend/commands/comment.c b/src/backend/commands/comment.c index e7b13a80788..6dd3c4dfab8 100644 --- a/src/backend/commands/comment.c +++ b/src/backend/commands/comment.c @@ -283,10 +283,8 @@ CommentRelation(int reltype, char *relname, char *comment) /*** First, check object security ***/ -#ifndef NO_SECURITY if (!pg_ownercheck(GetUserId(), relname, RELNAME)) elog(ERROR, "you are not permitted to comment on class '%s'", relname); -#endif /*** Now, attempt to find the oid in the cached version of pg_class ***/ @@ -349,10 +347,8 @@ CommentAttribute(char *relname, char *attrname, char *comment) /*** First, check object security ***/ -#ifndef NO_SECURITY if (!pg_ownercheck(GetUserId(), relname, RELNAME)) elog(ERROR, "you are not permitted to comment on class '%s\'", relname); -#endif /*** Now, fetch the attribute oid from the system cache ***/ diff --git a/src/backend/commands/remove.c b/src/backend/commands/remove.c index 6da32297f61..a8ad2620ef7 100644 --- a/src/backend/commands/remove.c +++ b/src/backend/commands/remove.c @@ -8,7 +8,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/commands/Attic/remove.c,v 1.53 2000/10/07 00:58:16 tgl Exp $ + * $Header: /cvsroot/pgsql/src/backend/commands/Attic/remove.c,v 1.54 2000/10/16 17:08:05 momjian Exp $ * *------------------------------------------------------------------------- */ @@ -81,13 +81,11 @@ RemoveOperator(char *operatorName, /* operator name */ if (HeapTupleIsValid(tup)) { -#ifndef NO_SECURITY if (!pg_ownercheck(GetUserId(), (char *) ObjectIdGetDatum(tup->t_data->t_oid), OPEROID)) elog(ERROR, "RemoveOperator: operator '%s': permission denied", operatorName); -#endif /*** Delete any comments associated with this operator ***/ @@ -250,11 +248,9 @@ RemoveType(char *typeName) /* type name to be removed */ Oid typeOid; char *shadow_type; -#ifndef NO_SECURITY if (!pg_ownercheck(GetUserId(), typeName, TYPENAME)) elog(ERROR, "RemoveType: type '%s': permission denied", typeName); -#endif relation = heap_openr(TypeRelationName, RowExclusiveLock); @@ -334,13 +330,11 @@ RemoveFunction(char *functionName, /* function name to be removed */ } } -#ifndef NO_SECURITY if (!pg_func_ownercheck(GetUserId(), functionName, nargs, argList)) { elog(ERROR, "RemoveFunction: function '%s': permission denied", functionName); } -#endif relation = heap_openr(ProcedureRelationName, RowExclusiveLock); tup = SearchSysCacheTuple(PROCNAME, @@ -396,7 +390,6 @@ RemoveAggregate(char *aggName, char *aggType) else basetypeID = 0; -#ifndef NO_SECURITY if (!pg_aggr_ownercheck(GetUserId(), aggName, basetypeID)) { if (aggType) @@ -410,7 +403,6 @@ RemoveAggregate(char *aggName, char *aggType) aggName); } } -#endif relation = heap_openr(AggregateRelationName, RowExclusiveLock); tup = SearchSysCacheTuple(AGGNAME, diff --git a/src/backend/commands/rename.c b/src/backend/commands/rename.c index 7fcf2e333f6..5c2d292b322 100644 --- a/src/backend/commands/rename.c +++ b/src/backend/commands/rename.c @@ -8,7 +8,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/commands/Attic/rename.c,v 1.48 2000/10/16 14:52:03 vadim Exp $ + * $Header: /cvsroot/pgsql/src/backend/commands/Attic/rename.c,v 1.49 2000/10/16 17:08:05 momjian Exp $ * *------------------------------------------------------------------------- */ @@ -71,12 +71,10 @@ renameatt(char *relname, if (!allowSystemTableMods && IsSystemRelationName(relname)) elog(ERROR, "renameatt: class \"%s\" is a system catalog", relname); -#ifndef NO_SECURITY if (!IsBootstrapProcessingMode() && !pg_ownercheck(GetUserId(), relname, RELNAME)) elog(ERROR, "renameatt: you do not own class \"%s\"", relname); -#endif /* * Grab an exclusive lock on the target table, which we will NOT diff --git a/src/backend/commands/sequence.c b/src/backend/commands/sequence.c index 960d3693de6..d6a6b1b4300 100644 --- a/src/backend/commands/sequence.c +++ b/src/backend/commands/sequence.c @@ -201,11 +201,9 @@ nextval(PG_FUNCTION_ARGS) next, rescnt = 0; -#ifndef NO_SECURITY if (pg_aclcheck(seqname, GetUserId(), ACL_WR) != ACLCHECK_OK) elog(ERROR, "%s.nextval: you don't have permissions to set sequence %s", seqname, seqname); -#endif /* open and AccessShareLock sequence */ elm = init_sequence("nextval", seqname); @@ -298,11 +296,9 @@ currval(PG_FUNCTION_ARGS) SeqTable elm; int32 result; -#ifndef NO_SECURITY if (pg_aclcheck(seqname, GetUserId(), ACL_RD) != ACLCHECK_OK) elog(ERROR, "%s.currval: you don't have permissions to read sequence %s", seqname, seqname); -#endif /* open and AccessShareLock sequence */ elm = init_sequence("currval", seqname); @@ -318,18 +314,16 @@ currval(PG_FUNCTION_ARGS) PG_RETURN_INT32(result); } -static void +static void do_setval(char *seqname, int32 next, bool iscalled) { SeqTable elm; Buffer buf; Form_pg_sequence seq; -#ifndef NO_SECURITY if (pg_aclcheck(seqname, GetUserId(), ACL_WR) != ACLCHECK_OK) elog(ERROR, "%s.setval: you don't have permissions to set sequence %s", seqname, seqname); -#endif /* open and AccessShareLock sequence */ elm = init_sequence("setval", seqname); diff --git a/src/backend/commands/trigger.c b/src/backend/commands/trigger.c index c2db6a93745..059bc42987f 100644 --- a/src/backend/commands/trigger.c +++ b/src/backend/commands/trigger.c @@ -7,7 +7,7 @@ * Portions Copyright (c) 1994, Regents of the University of California * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/commands/trigger.c,v 1.77 2000/09/06 14:15:16 petere Exp $ + * $Header: /cvsroot/pgsql/src/backend/commands/trigger.c,v 1.78 2000/10/16 17:08:05 momjian Exp $ * *------------------------------------------------------------------------- */ @@ -68,10 +68,8 @@ CreateTrigger(CreateTrigStmt *stmt) if (!allowSystemTableMods && IsSystemRelationName(stmt->relname)) elog(ERROR, "CreateTrigger: can't create trigger for system relation %s", stmt->relname); -#ifndef NO_SECURITY if (!pg_ownercheck(GetUserId(), stmt->relname, RELNAME)) elog(ERROR, "%s: %s", stmt->relname, aclcheck_error_strings[ACLCHECK_NOT_OWNER]); -#endif /* ---------- * If trigger is a constraint, user trigger name as constraint @@ -308,10 +306,8 @@ DropTrigger(DropTrigStmt *stmt) int found = 0; int tgfound = 0; -#ifndef NO_SECURITY if (!pg_ownercheck(GetUserId(), stmt->relname, RELNAME)) elog(ERROR, "%s: %s", stmt->relname, aclcheck_error_strings[ACLCHECK_NOT_OWNER]); -#endif rel = heap_openr(stmt->relname, AccessExclusiveLock); diff --git a/src/backend/commands/vacuum.c b/src/backend/commands/vacuum.c index ac9f50f0362..c7496c6c46c 100644 --- a/src/backend/commands/vacuum.c +++ b/src/backend/commands/vacuum.c @@ -8,7 +8,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/commands/vacuum.c,v 1.167 2000/10/05 19:48:22 momjian Exp $ + * $Header: /cvsroot/pgsql/src/backend/commands/vacuum.c,v 1.168 2000/10/16 17:08:05 momjian Exp $ * *------------------------------------------------------------------------- @@ -397,7 +397,6 @@ vacuum_rel(Oid relid, bool analyze, bool is_toastrel) */ onerel = heap_open(relid, AccessExclusiveLock); -#ifndef NO_SECURITY if (!pg_ownercheck(GetUserId(), RelationGetRelationName(onerel), RELNAME)) { @@ -408,7 +407,6 @@ vacuum_rel(Oid relid, bool analyze, bool is_toastrel) CommitTransactionCommand(); return; } -#endif /* * Remember the relation'ss TOAST relation for later diff --git a/src/backend/executor/execMain.c b/src/backend/executor/execMain.c index 3393559d630..5523256bbe8 100644 --- a/src/backend/executor/execMain.c +++ b/src/backend/executor/execMain.c @@ -27,7 +27,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/executor/execMain.c,v 1.129 2000/10/05 19:11:26 tgl Exp $ + * $Header: /cvsroot/pgsql/src/backend/executor/execMain.c,v 1.130 2000/10/16 17:08:06 momjian Exp $ * *------------------------------------------------------------------------- */ @@ -619,9 +619,7 @@ InitPlan(CmdType operation, Query *parseTree, Plan *plan, EState *estate) /* * Do permissions checks. */ -#ifndef NO_SECURITY ExecCheckQueryPerms(operation, parseTree, plan); -#endif /* * get information from query descriptor diff --git a/src/backend/tcop/utility.c b/src/backend/tcop/utility.c index 9b52e9b66cd..6c0b2be5ea9 100644 --- a/src/backend/tcop/utility.c +++ b/src/backend/tcop/utility.c @@ -10,7 +10,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/tcop/utility.c,v 1.95 2000/10/07 00:58:18 tgl Exp $ + * $Header: /cvsroot/pgsql/src/backend/tcop/utility.c,v 1.96 2000/10/16 17:08:07 momjian Exp $ * *------------------------------------------------------------------------- */ @@ -174,11 +174,9 @@ ProcessUtility(Node *parsetree, relname); /* close rel, but keep lock until end of xact */ heap_close(rel, NoLock); -#ifndef NO_SECURITY if (!pg_ownercheck(GetUserId(), relname, RELNAME)) elog(ERROR, "you do not own class \"%s\"", relname); -#endif } /* OK, terminate 'em all */ foreach(arg, args) @@ -210,10 +208,8 @@ ProcessUtility(Node *parsetree, relname); heap_close(rel, NoLock); -#ifndef NO_SECURITY if (!pg_ownercheck(GetUserId(), relname, RELNAME)) elog(ERROR, "you do not own class \"%s\"", relname); -#endif TruncateRelation(relname); } break; @@ -270,10 +266,8 @@ ProcessUtility(Node *parsetree, if (!allowSystemTableMods && IsSystemRelationName(relname)) elog(ERROR, "ALTER TABLE: relation \"%s\" is a system catalog", relname); -#ifndef NO_SECURITY if (!pg_ownercheck(GetUserId(), relname, RELNAME)) elog(ERROR, "permission denied"); -#endif /* ---------------- * XXX using len == 3 to tell the difference @@ -430,12 +424,10 @@ ProcessUtility(Node *parsetree, RuleStmt *stmt = (RuleStmt *) parsetree; int aclcheck_result; -#ifndef NO_SECURITY relname = stmt->object->relname; aclcheck_result = pg_aclcheck(relname, GetUserId(), ACL_RU); if (aclcheck_result != ACLCHECK_OK) elog(ERROR, "%s: %s", relname, aclcheck_error_strings[aclcheck_result]); -#endif set_ps_display(commandTag = "CREATE"); DefineQueryRewrite(stmt); @@ -473,10 +465,8 @@ ProcessUtility(Node *parsetree, if (!allowSystemTableMods && IsSystemRelationName(relname)) elog(ERROR, "class \"%s\" is a system catalog index", relname); -#ifndef NO_SECURITY if (!pg_ownercheck(GetUserId(), relname, RELNAME)) elog(ERROR, "%s: %s", relname, aclcheck_error_strings[ACLCHECK_NOT_OWNER]); -#endif RemoveIndex(relname); break; case RULE: @@ -484,20 +474,15 @@ ProcessUtility(Node *parsetree, char *rulename = stmt->name; int aclcheck_result; -#ifndef NO_SECURITY - relationName = RewriteGetRuleEventRel(rulename); aclcheck_result = pg_aclcheck(relationName, GetUserId(), ACL_RU); if (aclcheck_result != ACLCHECK_OK) elog(ERROR, "%s: %s", relationName, aclcheck_error_strings[aclcheck_result]); -#endif RemoveRewriteRule(rulename); } break; case TYPE_P: -#ifndef NO_SECURITY /* XXX moved to remove.c */ -#endif RemoveType(stmt->name); break; case VIEW: @@ -505,14 +490,11 @@ ProcessUtility(Node *parsetree, char *viewName = stmt->name; char *ruleName; -#ifndef NO_SECURITY - ruleName = MakeRetrieveViewRuleName(viewName); relationName = RewriteGetRuleEventRel(ruleName); if (!pg_ownercheck(GetUserId(), relationName, RELNAME)) elog(ERROR, "%s: %s", relationName, aclcheck_error_strings[ACLCHECK_NOT_OWNER]); pfree(ruleName); -#endif RemoveView(viewName); } break; @@ -810,10 +792,8 @@ ProcessUtility(Node *parsetree, elog(ERROR, "\"%s\" is a system index. call REINDEX under standalone postgres with -P -O options", relname); } -#ifndef NO_SECURITY if (!pg_ownercheck(GetUserId(), relname, RELNAME)) elog(ERROR, "%s: %s", relname, aclcheck_error_strings[ACLCHECK_NOT_OWNER]); -#endif ReindexIndex(relname, stmt->force); break; case TABLE: @@ -828,10 +808,8 @@ ProcessUtility(Node *parsetree, relname); } -#ifndef NO_SECURITY if (!pg_ownercheck(GetUserId(), relname, RELNAME)) elog(ERROR, "%s: %s", relname, aclcheck_error_strings[ACLCHECK_NOT_OWNER]); -#endif ReindexTable(relname, stmt->force); break; case DATABASE: diff --git a/src/backend/utils/adt/acl.c b/src/backend/utils/adt/acl.c index 401ed1a9375..2fb21afd819 100644 --- a/src/backend/utils/adt/acl.c +++ b/src/backend/utils/adt/acl.c @@ -8,7 +8,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/utils/adt/acl.c,v 1.50 2000/10/07 00:58:19 tgl Exp $ + * $Header: /cvsroot/pgsql/src/backend/utils/adt/acl.c,v 1.51 2000/10/16 17:08:08 momjian Exp $ * *------------------------------------------------------------------------- */ @@ -589,11 +589,9 @@ ExecuteChangeACLStmt(ChangeACLStmt *stmt) if (rel && rel->rd_rel->relkind == RELKIND_INDEX) elog(ERROR, "\"%s\" is an index relation", relname); -#ifndef NO_SECURITY if (!pg_ownercheck(GetUserId(), relname, RELNAME)) elog(ERROR, "you do not own class \"%s\"", relname); -#endif ChangeAcl(relname, &aclitem, modechg); /* close rel, but keep lock until end of xact */ heap_close(rel, NoLock); diff --git a/src/include/config.h.in b/src/include/config.h.in index 0b9fb0ecd14..0b408abc1d0 100644 --- a/src/include/config.h.in +++ b/src/include/config.h.in @@ -8,7 +8,7 @@ * or in config.h afterwards. Of course, if you edit config.h, then your * changes will be overwritten the next time you run configure. * - * $Id: config.h.in,v 1.142 2000/10/14 23:56:58 momjian Exp $ + * $Id: config.h.in,v 1.143 2000/10/16 17:08:11 momjian Exp $ */ #ifndef CONFIG_H @@ -276,7 +276,6 @@ /* #define RTDEBUG */ /* #define GISTDEBUG */ /* #define OMIT_PARTIAL_INDEX */ -/* #define NO_SECURITY */ /* #define LOCK_DEBUG */ /* |