aboutsummaryrefslogtreecommitdiff
path: root/src/backend/commands
diff options
context:
space:
mode:
Diffstat (limited to 'src/backend/commands')
-rw-r--r--src/backend/commands/aggregatecmds.c3
-rw-r--r--src/backend/commands/alter.c6
-rw-r--r--src/backend/commands/collationcmds.c3
-rw-r--r--src/backend/commands/conversioncmds.c6
-rw-r--r--src/backend/commands/dbcommands.c4
-rw-r--r--src/backend/commands/extension.c5
-rw-r--r--src/backend/commands/foreigncmds.c10
-rw-r--r--src/backend/commands/functioncmds.c26
-rw-r--r--src/backend/commands/indexcmds.c8
-rw-r--r--src/backend/commands/opclasscmds.c4
-rw-r--r--src/backend/commands/operatorcmds.c16
-rw-r--r--src/backend/commands/publicationcmds.c5
-rw-r--r--src/backend/commands/schemacmds.c7
-rw-r--r--src/backend/commands/tablecmds.c16
-rw-r--r--src/backend/commands/tablespace.c4
-rw-r--r--src/backend/commands/trigger.c2
-rw-r--r--src/backend/commands/tsearchcmds.c4
-rw-r--r--src/backend/commands/typecmds.c16
18 files changed, 77 insertions, 68 deletions
diff --git a/src/backend/commands/aggregatecmds.c b/src/backend/commands/aggregatecmds.c
index 010eca7340a..a9339e40b31 100644
--- a/src/backend/commands/aggregatecmds.c
+++ b/src/backend/commands/aggregatecmds.c
@@ -25,6 +25,7 @@
#include "access/htup_details.h"
#include "catalog/dependency.h"
#include "catalog/pg_aggregate.h"
+#include "catalog/pg_namespace.h"
#include "catalog/pg_proc.h"
#include "catalog/pg_type.h"
#include "commands/alter.h"
@@ -104,7 +105,7 @@ DefineAggregate(ParseState *pstate,
aggNamespace = QualifiedNameGetCreationNamespace(name, &aggName);
/* Check we have creation rights in target namespace */
- aclresult = pg_namespace_aclcheck(aggNamespace, GetUserId(), ACL_CREATE);
+ aclresult = object_aclcheck(NamespaceRelationId, aggNamespace, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(aggNamespace));
diff --git a/src/backend/commands/alter.c b/src/backend/commands/alter.c
index 5dabba4dd06..b2089d785b6 100644
--- a/src/backend/commands/alter.c
+++ b/src/backend/commands/alter.c
@@ -228,7 +228,7 @@ AlterObjectRename_internal(Relation rel, Oid objectId, const char *new_name)
/* User must have CREATE privilege on the namespace */
if (OidIsValid(namespaceId))
{
- aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(),
+ aclresult = object_aclcheck(NamespaceRelationId, namespaceId, GetUserId(),
ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_SCHEMA,
@@ -757,7 +757,7 @@ AlterObjectNamespace_internal(Relation rel, Oid objid, Oid nspOid)
NameStr(*(DatumGetName(name))));
/* User must have CREATE privilege on new namespace */
- aclresult = pg_namespace_aclcheck(nspOid, GetUserId(), ACL_CREATE);
+ aclresult = object_aclcheck(NamespaceRelationId, nspOid, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(nspOid));
@@ -1006,7 +1006,7 @@ AlterObjectOwner_internal(Relation rel, Oid objectId, Oid new_ownerId)
{
AclResult aclresult;
- aclresult = pg_namespace_aclcheck(namespaceId, new_ownerId,
+ aclresult = object_aclcheck(NamespaceRelationId, namespaceId, new_ownerId,
ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_SCHEMA,
diff --git a/src/backend/commands/collationcmds.c b/src/backend/commands/collationcmds.c
index 1753d67b612..25efa6e0bf0 100644
--- a/src/backend/commands/collationcmds.c
+++ b/src/backend/commands/collationcmds.c
@@ -23,6 +23,7 @@
#include "catalog/objectaccess.h"
#include "catalog/pg_collation.h"
#include "catalog/pg_database.h"
+#include "catalog/pg_namespace.h"
#include "commands/alter.h"
#include "commands/collationcmds.h"
#include "commands/comment.h"
@@ -76,7 +77,7 @@ DefineCollation(ParseState *pstate, List *names, List *parameters, bool if_not_e
collNamespace = QualifiedNameGetCreationNamespace(names, &collName);
- aclresult = pg_namespace_aclcheck(collNamespace, GetUserId(), ACL_CREATE);
+ aclresult = object_aclcheck(NamespaceRelationId, collNamespace, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(collNamespace));
diff --git a/src/backend/commands/conversioncmds.c b/src/backend/commands/conversioncmds.c
index 67feda33ec5..7f721cca714 100644
--- a/src/backend/commands/conversioncmds.c
+++ b/src/backend/commands/conversioncmds.c
@@ -18,6 +18,8 @@
#include "catalog/dependency.h"
#include "catalog/indexing.h"
#include "catalog/pg_conversion.h"
+#include "catalog/pg_namespace.h"
+#include "catalog/pg_proc.h"
#include "catalog/pg_type.h"
#include "commands/alter.h"
#include "commands/conversioncmds.h"
@@ -54,7 +56,7 @@ CreateConversionCommand(CreateConversionStmt *stmt)
&conversion_name);
/* Check we have creation rights in target namespace */
- aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(), ACL_CREATE);
+ aclresult = object_aclcheck(NamespaceRelationId, namespaceId, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(namespaceId));
@@ -101,7 +103,7 @@ CreateConversionCommand(CreateConversionStmt *stmt)
NameListToString(func_name), "integer")));
/* Check we have EXECUTE rights for the function */
- aclresult = pg_proc_aclcheck(funcoid, GetUserId(), ACL_EXECUTE);
+ aclresult = object_aclcheck(ProcedureRelationId, funcoid, GetUserId(), ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_FUNCTION,
NameListToString(func_name));
diff --git a/src/backend/commands/dbcommands.c b/src/backend/commands/dbcommands.c
index 0d6a1228639..a67ea86619c 100644
--- a/src/backend/commands/dbcommands.c
+++ b/src/backend/commands/dbcommands.c
@@ -1164,7 +1164,7 @@ createdb(ParseState *pstate, const CreatedbStmt *stmt)
tablespacename = defGetString(dtablespacename);
dst_deftablespace = get_tablespace_oid(tablespacename, false);
/* check permissions */
- aclresult = pg_tablespace_aclcheck(dst_deftablespace, GetUserId(),
+ aclresult = object_aclcheck(TableSpaceRelationId, dst_deftablespace, GetUserId(),
ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_TABLESPACE,
@@ -1874,7 +1874,7 @@ movedb(const char *dbname, const char *tblspcname)
/*
* Permission checks
*/
- aclresult = pg_tablespace_aclcheck(dst_tblspcoid, GetUserId(),
+ aclresult = object_aclcheck(TableSpaceRelationId, dst_tblspcoid, GetUserId(),
ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_TABLESPACE,
diff --git a/src/backend/commands/extension.c b/src/backend/commands/extension.c
index 722e94bbce0..806d6056ab6 100644
--- a/src/backend/commands/extension.c
+++ b/src/backend/commands/extension.c
@@ -42,6 +42,7 @@
#include "catalog/objectaccess.h"
#include "catalog/pg_authid.h"
#include "catalog/pg_collation.h"
+#include "catalog/pg_database.h"
#include "catalog/pg_depend.h"
#include "catalog/pg_extension.h"
#include "catalog/pg_namespace.h"
@@ -832,7 +833,7 @@ extension_is_trusted(ExtensionControlFile *control)
if (!control->trusted)
return false;
/* Allow if user has CREATE privilege on current database */
- aclresult = pg_database_aclcheck(MyDatabaseId, GetUserId(), ACL_CREATE);
+ aclresult = object_aclcheck(DatabaseRelationId, MyDatabaseId, GetUserId(), ACL_CREATE);
if (aclresult == ACLCHECK_OK)
return true;
return false;
@@ -2732,7 +2733,7 @@ AlterExtensionNamespace(const char *extensionName, const char *newschema, Oid *o
extensionName);
/* Permission check: must have creation rights in target namespace */
- aclresult = pg_namespace_aclcheck(nspOid, GetUserId(), ACL_CREATE);
+ aclresult = object_aclcheck(NamespaceRelationId, nspOid, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_SCHEMA, newschema);
diff --git a/src/backend/commands/foreigncmds.c b/src/backend/commands/foreigncmds.c
index e6e6d128d11..55b0be9e1d1 100644
--- a/src/backend/commands/foreigncmds.c
+++ b/src/backend/commands/foreigncmds.c
@@ -366,7 +366,7 @@ AlterForeignServerOwner_internal(Relation rel, HeapTuple tup, Oid newOwnerId)
check_is_member_of_role(GetUserId(), newOwnerId);
/* New owner must have USAGE privilege on foreign-data wrapper */
- aclresult = pg_foreign_data_wrapper_aclcheck(form->srvfdw, newOwnerId, ACL_USAGE);
+ aclresult = object_aclcheck(ForeignDataWrapperRelationId, form->srvfdw, newOwnerId, ACL_USAGE);
if (aclresult != ACLCHECK_OK)
{
ForeignDataWrapper *fdw = GetForeignDataWrapper(form->srvfdw);
@@ -891,7 +891,7 @@ CreateForeignServer(CreateForeignServerStmt *stmt)
*/
fdw = GetForeignDataWrapperByName(stmt->fdwname, false);
- aclresult = pg_foreign_data_wrapper_aclcheck(fdw->fdwid, ownerId, ACL_USAGE);
+ aclresult = object_aclcheck(ForeignDataWrapperRelationId, fdw->fdwid, ownerId, ACL_USAGE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_FDW, fdw->fdwname);
@@ -1082,7 +1082,7 @@ user_mapping_ddl_aclcheck(Oid umuserid, Oid serverid, const char *servername)
{
AclResult aclresult;
- aclresult = pg_foreign_server_aclcheck(serverid, curuserid, ACL_USAGE);
+ aclresult = object_aclcheck(ForeignServerRelationId, serverid, curuserid, ACL_USAGE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_FOREIGN_SERVER, servername);
}
@@ -1433,7 +1433,7 @@ CreateForeignTable(CreateForeignTableStmt *stmt, Oid relid)
* get the actual FDW for option validation etc.
*/
server = GetForeignServerByName(stmt->servername, false);
- aclresult = pg_foreign_server_aclcheck(server->serverid, ownerId, ACL_USAGE);
+ aclresult = object_aclcheck(ForeignServerRelationId, server->serverid, ownerId, ACL_USAGE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_FOREIGN_SERVER, server->servername);
@@ -1492,7 +1492,7 @@ ImportForeignSchema(ImportForeignSchemaStmt *stmt)
/* Check that the foreign server exists and that we have USAGE on it */
server = GetForeignServerByName(stmt->server_name, false);
- aclresult = pg_foreign_server_aclcheck(server->serverid, GetUserId(), ACL_USAGE);
+ aclresult = object_aclcheck(ForeignServerRelationId, server->serverid, GetUserId(), ACL_USAGE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_FOREIGN_SERVER, server->servername);
diff --git a/src/backend/commands/functioncmds.c b/src/backend/commands/functioncmds.c
index 3645216c4b5..57489f65f2e 100644
--- a/src/backend/commands/functioncmds.c
+++ b/src/backend/commands/functioncmds.c
@@ -150,7 +150,7 @@ compute_return_type(TypeName *returnType, Oid languageOid,
errdetail("Creating a shell type definition.")));
namespaceId = QualifiedNameGetCreationNamespace(returnType->names,
&typname);
- aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(),
+ aclresult = object_aclcheck(NamespaceRelationId, namespaceId, GetUserId(),
ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_SCHEMA,
@@ -160,7 +160,7 @@ compute_return_type(TypeName *returnType, Oid languageOid,
Assert(OidIsValid(rettype));
}
- aclresult = pg_type_aclcheck(rettype, GetUserId(), ACL_USAGE);
+ aclresult = object_aclcheck(TypeRelationId, rettype, GetUserId(), ACL_USAGE);
if (aclresult != ACLCHECK_OK)
aclcheck_error_type(aclresult, rettype);
@@ -272,7 +272,7 @@ interpret_function_parameter_list(ParseState *pstate,
toid = InvalidOid; /* keep compiler quiet */
}
- aclresult = pg_type_aclcheck(toid, GetUserId(), ACL_USAGE);
+ aclresult = object_aclcheck(TypeRelationId, toid, GetUserId(), ACL_USAGE);
if (aclresult != ACLCHECK_OK)
aclcheck_error_type(aclresult, toid);
@@ -1057,7 +1057,7 @@ CreateFunction(ParseState *pstate, CreateFunctionStmt *stmt)
&funcname);
/* Check we have creation rights in target namespace */
- aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(), ACL_CREATE);
+ aclresult = object_aclcheck(NamespaceRelationId, namespaceId, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(namespaceId));
@@ -1111,7 +1111,7 @@ CreateFunction(ParseState *pstate, CreateFunctionStmt *stmt)
if (languageStruct->lanpltrusted)
{
/* if trusted language, need USAGE privilege */
- aclresult = pg_language_aclcheck(languageOid, GetUserId(), ACL_USAGE);
+ aclresult = object_aclcheck(LanguageRelationId, languageOid, GetUserId(), ACL_USAGE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_LANGUAGE,
NameStr(languageStruct->lanname));
@@ -1562,11 +1562,11 @@ CreateCast(CreateCastStmt *stmt)
format_type_be(sourcetypeid),
format_type_be(targettypeid))));
- aclresult = pg_type_aclcheck(sourcetypeid, GetUserId(), ACL_USAGE);
+ aclresult = object_aclcheck(TypeRelationId, sourcetypeid, GetUserId(), ACL_USAGE);
if (aclresult != ACLCHECK_OK)
aclcheck_error_type(aclresult, sourcetypeid);
- aclresult = pg_type_aclcheck(targettypeid, GetUserId(), ACL_USAGE);
+ aclresult = object_aclcheck(TypeRelationId, targettypeid, GetUserId(), ACL_USAGE);
if (aclresult != ACLCHECK_OK)
aclcheck_error_type(aclresult, targettypeid);
@@ -1841,7 +1841,7 @@ CreateTransform(CreateTransformStmt *stmt)
if (!object_ownercheck(TypeRelationId, typeid, GetUserId()))
aclcheck_error_type(ACLCHECK_NOT_OWNER, typeid);
- aclresult = pg_type_aclcheck(typeid, GetUserId(), ACL_USAGE);
+ aclresult = object_aclcheck(TypeRelationId, typeid, GetUserId(), ACL_USAGE);
if (aclresult != ACLCHECK_OK)
aclcheck_error_type(aclresult, typeid);
@@ -1850,7 +1850,7 @@ CreateTransform(CreateTransformStmt *stmt)
*/
langid = get_language_oid(stmt->lang, false);
- aclresult = pg_language_aclcheck(langid, GetUserId(), ACL_USAGE);
+ aclresult = object_aclcheck(LanguageRelationId, langid, GetUserId(), ACL_USAGE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_LANGUAGE, stmt->lang);
@@ -1864,7 +1864,7 @@ CreateTransform(CreateTransformStmt *stmt)
if (!object_ownercheck(ProcedureRelationId, fromsqlfuncid, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION, NameListToString(stmt->fromsql->objname));
- aclresult = pg_proc_aclcheck(fromsqlfuncid, GetUserId(), ACL_EXECUTE);
+ aclresult = object_aclcheck(ProcedureRelationId, fromsqlfuncid, GetUserId(), ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_FUNCTION, NameListToString(stmt->fromsql->objname));
@@ -1890,7 +1890,7 @@ CreateTransform(CreateTransformStmt *stmt)
if (!object_ownercheck(ProcedureRelationId, tosqlfuncid, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION, NameListToString(stmt->tosql->objname));
- aclresult = pg_proc_aclcheck(tosqlfuncid, GetUserId(), ACL_EXECUTE);
+ aclresult = object_aclcheck(ProcedureRelationId, tosqlfuncid, GetUserId(), ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_FUNCTION, NameListToString(stmt->tosql->objname));
@@ -2116,7 +2116,7 @@ ExecuteDoStmt(ParseState *pstate, DoStmt *stmt, bool atomic)
/* if trusted language, need USAGE privilege */
AclResult aclresult;
- aclresult = pg_language_aclcheck(codeblock->langOid, GetUserId(),
+ aclresult = object_aclcheck(LanguageRelationId, codeblock->langOid, GetUserId(),
ACL_USAGE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_LANGUAGE,
@@ -2193,7 +2193,7 @@ ExecuteCallStmt(CallStmt *stmt, ParamListInfo params, bool atomic, DestReceiver
Assert(fexpr);
Assert(IsA(fexpr, FuncExpr));
- aclresult = pg_proc_aclcheck(fexpr->funcid, GetUserId(), ACL_EXECUTE);
+ aclresult = object_aclcheck(ProcedureRelationId, fexpr->funcid, GetUserId(), ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_PROCEDURE, get_func_name(fexpr->funcid));
diff --git a/src/backend/commands/indexcmds.c b/src/backend/commands/indexcmds.c
index aadd67b07f5..91cee27743d 100644
--- a/src/backend/commands/indexcmds.c
+++ b/src/backend/commands/indexcmds.c
@@ -742,7 +742,7 @@ DefineIndex(Oid relationId,
{
AclResult aclresult;
- aclresult = pg_namespace_aclcheck(namespaceId, root_save_userid,
+ aclresult = object_aclcheck(NamespaceRelationId, namespaceId, root_save_userid,
ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_SCHEMA,
@@ -774,7 +774,7 @@ DefineIndex(Oid relationId,
{
AclResult aclresult;
- aclresult = pg_tablespace_aclcheck(tablespaceId, root_save_userid,
+ aclresult = object_aclcheck(TableSpaceRelationId, tablespaceId, root_save_userid,
ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_TABLESPACE,
@@ -2648,7 +2648,7 @@ ExecReindex(ParseState *pstate, ReindexStmt *stmt, bool isTopLevel)
{
AclResult aclresult;
- aclresult = pg_tablespace_aclcheck(params.tablespaceOid,
+ aclresult = object_aclcheck(TableSpaceRelationId, params.tablespaceOid,
GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_TABLESPACE,
@@ -3245,7 +3245,7 @@ ReindexMultipleInternal(List *relids, ReindexParams *params)
{
AclResult aclresult;
- aclresult = pg_tablespace_aclcheck(params->tablespaceOid,
+ aclresult = object_aclcheck(TableSpaceRelationId, params->tablespaceOid,
GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_TABLESPACE,
diff --git a/src/backend/commands/opclasscmds.c b/src/backend/commands/opclasscmds.c
index c004e303e28..0bc6deda008 100644
--- a/src/backend/commands/opclasscmds.c
+++ b/src/backend/commands/opclasscmds.c
@@ -362,7 +362,7 @@ DefineOpClass(CreateOpClassStmt *stmt)
&opcname);
/* Check we have creation rights in target namespace */
- aclresult = pg_namespace_aclcheck(namespaceoid, GetUserId(), ACL_CREATE);
+ aclresult = object_aclcheck(NamespaceRelationId, namespaceoid, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(namespaceoid));
@@ -781,7 +781,7 @@ DefineOpFamily(CreateOpFamilyStmt *stmt)
&opfname);
/* Check we have creation rights in target namespace */
- aclresult = pg_namespace_aclcheck(namespaceoid, GetUserId(), ACL_CREATE);
+ aclresult = object_aclcheck(NamespaceRelationId, namespaceoid, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(namespaceoid));
diff --git a/src/backend/commands/operatorcmds.c b/src/backend/commands/operatorcmds.c
index a2d7ae89d74..8dc57976268 100644
--- a/src/backend/commands/operatorcmds.c
+++ b/src/backend/commands/operatorcmds.c
@@ -36,7 +36,9 @@
#include "catalog/dependency.h"
#include "catalog/indexing.h"
#include "catalog/objectaccess.h"
+#include "catalog/pg_namespace.h"
#include "catalog/pg_operator.h"
+#include "catalog/pg_proc.h"
#include "catalog/pg_type.h"
#include "commands/alter.h"
#include "commands/defrem.h"
@@ -90,7 +92,7 @@ DefineOperator(List *names, List *parameters)
oprNamespace = QualifiedNameGetCreationNamespace(names, &oprName);
/* Check we have creation rights in target namespace */
- aclresult = pg_namespace_aclcheck(oprNamespace, GetUserId(), ACL_CREATE);
+ aclresult = object_aclcheck(NamespaceRelationId, oprNamespace, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(oprNamespace));
@@ -187,14 +189,14 @@ DefineOperator(List *names, List *parameters)
if (typeName1)
{
- aclresult = pg_type_aclcheck(typeId1, GetUserId(), ACL_USAGE);
+ aclresult = object_aclcheck(TypeRelationId, typeId1, GetUserId(), ACL_USAGE);
if (aclresult != ACLCHECK_OK)
aclcheck_error_type(aclresult, typeId1);
}
if (typeName2)
{
- aclresult = pg_type_aclcheck(typeId2, GetUserId(), ACL_USAGE);
+ aclresult = object_aclcheck(TypeRelationId, typeId2, GetUserId(), ACL_USAGE);
if (aclresult != ACLCHECK_OK)
aclcheck_error_type(aclresult, typeId2);
}
@@ -225,13 +227,13 @@ DefineOperator(List *names, List *parameters)
* necessary, since EXECUTE will be checked at any attempted use of the
* operator, but it seems like a good idea anyway.
*/
- aclresult = pg_proc_aclcheck(functionOid, GetUserId(), ACL_EXECUTE);
+ aclresult = object_aclcheck(ProcedureRelationId, functionOid, GetUserId(), ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_FUNCTION,
NameListToString(functionName));
rettype = get_func_rettype(functionOid);
- aclresult = pg_type_aclcheck(rettype, GetUserId(), ACL_USAGE);
+ aclresult = object_aclcheck(TypeRelationId, rettype, GetUserId(), ACL_USAGE);
if (aclresult != ACLCHECK_OK)
aclcheck_error_type(aclresult, rettype);
@@ -291,7 +293,7 @@ ValidateRestrictionEstimator(List *restrictionName)
NameListToString(restrictionName), "float8")));
/* Require EXECUTE rights for the estimator */
- aclresult = pg_proc_aclcheck(restrictionOid, GetUserId(), ACL_EXECUTE);
+ aclresult = object_aclcheck(ProcedureRelationId, restrictionOid, GetUserId(), ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_FUNCTION,
NameListToString(restrictionName));
@@ -349,7 +351,7 @@ ValidateJoinEstimator(List *joinName)
NameListToString(joinName), "float8")));
/* Require EXECUTE rights for the estimator */
- aclresult = pg_proc_aclcheck(joinOid, GetUserId(), ACL_EXECUTE);
+ aclresult = object_aclcheck(ProcedureRelationId, joinOid, GetUserId(), ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_FUNCTION,
NameListToString(joinName));
diff --git a/src/backend/commands/publicationcmds.c b/src/backend/commands/publicationcmds.c
index 8428e9e7b22..940655b9be0 100644
--- a/src/backend/commands/publicationcmds.c
+++ b/src/backend/commands/publicationcmds.c
@@ -24,6 +24,7 @@
#include "catalog/objectaccess.h"
#include "catalog/objectaddress.h"
#include "catalog/partition.h"
+#include "catalog/pg_database.h"
#include "catalog/pg_inherits.h"
#include "catalog/pg_namespace.h"
#include "catalog/pg_proc.h"
@@ -748,7 +749,7 @@ CreatePublication(ParseState *pstate, CreatePublicationStmt *stmt)
List *schemaidlist = NIL;
/* must have CREATE privilege on database */
- aclresult = pg_database_aclcheck(MyDatabaseId, GetUserId(), ACL_CREATE);
+ aclresult = object_aclcheck(DatabaseRelationId, MyDatabaseId, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_DATABASE,
get_database_name(MyDatabaseId));
@@ -1913,7 +1914,7 @@ AlterPublicationOwner_internal(Relation rel, HeapTuple tup, Oid newOwnerId)
check_is_member_of_role(GetUserId(), newOwnerId);
/* New owner must have CREATE privilege on database */
- aclresult = pg_database_aclcheck(MyDatabaseId, newOwnerId, ACL_CREATE);
+ aclresult = object_aclcheck(DatabaseRelationId, MyDatabaseId, newOwnerId, ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_DATABASE,
get_database_name(MyDatabaseId));
diff --git a/src/backend/commands/schemacmds.c b/src/backend/commands/schemacmds.c
index 3005a059e82..b03f07a2322 100644
--- a/src/backend/commands/schemacmds.c
+++ b/src/backend/commands/schemacmds.c
@@ -23,6 +23,7 @@
#include "catalog/namespace.h"
#include "catalog/objectaccess.h"
#include "catalog/pg_authid.h"
+#include "catalog/pg_database.h"
#include "catalog/pg_namespace.h"
#include "commands/dbcommands.h"
#include "commands/event_trigger.h"
@@ -91,7 +92,7 @@ CreateSchemaCommand(CreateSchemaStmt *stmt, const char *queryString,
* The latter provision guards against "giveaway" attacks. Note that a
* superuser will always have both of these privileges a fortiori.
*/
- aclresult = pg_database_aclcheck(MyDatabaseId, saved_uid, ACL_CREATE);
+ aclresult = object_aclcheck(DatabaseRelationId, MyDatabaseId, saved_uid, ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_DATABASE,
get_database_name(MyDatabaseId));
@@ -259,7 +260,7 @@ RenameSchema(const char *oldname, const char *newname)
oldname);
/* must have CREATE privilege on database */
- aclresult = pg_database_aclcheck(MyDatabaseId, GetUserId(), ACL_CREATE);
+ aclresult = object_aclcheck(DatabaseRelationId, MyDatabaseId, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_DATABASE,
get_database_name(MyDatabaseId));
@@ -380,7 +381,7 @@ AlterSchemaOwner_internal(HeapTuple tup, Relation rel, Oid newOwnerId)
* schemas. Because superusers will always have this right, we need
* no special case for them.
*/
- aclresult = pg_database_aclcheck(MyDatabaseId, GetUserId(),
+ aclresult = object_aclcheck(DatabaseRelationId, MyDatabaseId, GetUserId(),
ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_DATABASE,
diff --git a/src/backend/commands/tablecmds.c b/src/backend/commands/tablecmds.c
index 6804c7a8597..f0068078520 100644
--- a/src/backend/commands/tablecmds.c
+++ b/src/backend/commands/tablecmds.c
@@ -804,7 +804,7 @@ DefineRelation(CreateStmt *stmt, char relkind, Oid ownerId,
{
AclResult aclresult;
- aclresult = pg_tablespace_aclcheck(tablespaceId, GetUserId(),
+ aclresult = object_aclcheck(TableSpaceRelationId, tablespaceId, GetUserId(),
ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_TABLESPACE,
@@ -845,7 +845,7 @@ DefineRelation(CreateStmt *stmt, char relkind, Oid ownerId,
ofTypeId = typenameTypeId(NULL, stmt->ofTypename);
- aclresult = pg_type_aclcheck(ofTypeId, GetUserId(), ACL_USAGE);
+ aclresult = object_aclcheck(TypeRelationId, ofTypeId, GetUserId(), ACL_USAGE);
if (aclresult != ACLCHECK_OK)
aclcheck_error_type(aclresult, ofTypeId);
}
@@ -6830,7 +6830,7 @@ ATExecAddColumn(List **wqueue, AlteredTableInfo *tab, Relation rel,
tform = (Form_pg_type) GETSTRUCT(typeTuple);
typeOid = tform->oid;
- aclresult = pg_type_aclcheck(typeOid, GetUserId(), ACL_USAGE);
+ aclresult = object_aclcheck(TypeRelationId, typeOid, GetUserId(), ACL_USAGE);
if (aclresult != ACLCHECK_OK)
aclcheck_error_type(aclresult, typeOid);
@@ -12164,7 +12164,7 @@ ATPrepAlterColumnType(List **wqueue,
/* Look up the target type */
typenameTypeIdAndMod(NULL, typeName, &targettype, &targettypmod);
- aclresult = pg_type_aclcheck(targettype, GetUserId(), ACL_USAGE);
+ aclresult = object_aclcheck(TypeRelationId, targettype, GetUserId(), ACL_USAGE);
if (aclresult != ACLCHECK_OK)
aclcheck_error_type(aclresult, targettype);
@@ -13836,7 +13836,7 @@ ATExecChangeOwner(Oid relationOid, Oid newOwnerId, bool recursing, LOCKMODE lock
check_is_member_of_role(GetUserId(), newOwnerId);
/* New owner must have CREATE privilege on namespace */
- aclresult = pg_namespace_aclcheck(namespaceOid, newOwnerId,
+ aclresult = object_aclcheck(NamespaceRelationId, namespaceOid, newOwnerId,
ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_SCHEMA,
@@ -14152,7 +14152,7 @@ ATPrepSetTableSpace(AlteredTableInfo *tab, Relation rel, const char *tablespacen
{
AclResult aclresult;
- aclresult = pg_tablespace_aclcheck(tablespaceId, GetUserId(), ACL_CREATE);
+ aclresult = object_aclcheck(TableSpaceRelationId, tablespaceId, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_TABLESPACE, tablespacename);
}
@@ -14545,7 +14545,7 @@ AlterTableMoveAll(AlterTableMoveAllStmt *stmt)
{
AclResult aclresult;
- aclresult = pg_tablespace_aclcheck(new_tablespaceoid, GetUserId(),
+ aclresult = object_aclcheck(TableSpaceRelationId, new_tablespaceoid, GetUserId(),
ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_TABLESPACE,
@@ -17052,7 +17052,7 @@ RangeVarCallbackForAlterRelation(const RangeVar *rv, Oid relid, Oid oldrelid,
*/
if (IsA(stmt, RenameStmt))
{
- aclresult = pg_namespace_aclcheck(classform->relnamespace,
+ aclresult = object_aclcheck(NamespaceRelationId, classform->relnamespace,
GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_SCHEMA,
diff --git a/src/backend/commands/tablespace.c b/src/backend/commands/tablespace.c
index b60cb712c1f..76e100b5602 100644
--- a/src/backend/commands/tablespace.c
+++ b/src/backend/commands/tablespace.c
@@ -1277,7 +1277,7 @@ check_temp_tablespaces(char **newval, void **extra, GucSource source)
}
/* Check permissions, similarly complaining only if interactive */
- aclresult = pg_tablespace_aclcheck(curoid, GetUserId(),
+ aclresult = object_aclcheck(TableSpaceRelationId, curoid, GetUserId(),
ACL_CREATE);
if (aclresult != ACLCHECK_OK)
{
@@ -1407,7 +1407,7 @@ PrepareTempTablespaces(void)
}
/* Check permissions similarly */
- aclresult = pg_tablespace_aclcheck(curoid, GetUserId(),
+ aclresult = object_aclcheck(TableSpaceRelationId, curoid, GetUserId(),
ACL_CREATE);
if (aclresult != ACLCHECK_OK)
continue;
diff --git a/src/backend/commands/trigger.c b/src/backend/commands/trigger.c
index df408092820..aaf54874be2 100644
--- a/src/backend/commands/trigger.c
+++ b/src/backend/commands/trigger.c
@@ -696,7 +696,7 @@ CreateTriggerFiringOn(CreateTrigStmt *stmt, const char *queryString,
funcoid = LookupFuncName(stmt->funcname, 0, NULL, false);
if (!isInternal)
{
- aclresult = pg_proc_aclcheck(funcoid, GetUserId(), ACL_EXECUTE);
+ aclresult = object_aclcheck(ProcedureRelationId, funcoid, GetUserId(), ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_FUNCTION,
NameListToString(stmt->funcname));
diff --git a/src/backend/commands/tsearchcmds.c b/src/backend/commands/tsearchcmds.c
index 365bfd30fdf..9304c53d4ba 100644
--- a/src/backend/commands/tsearchcmds.c
+++ b/src/backend/commands/tsearchcmds.c
@@ -408,7 +408,7 @@ DefineTSDictionary(List *names, List *parameters)
namespaceoid = QualifiedNameGetCreationNamespace(names, &dictname);
/* Check we have creation rights in target namespace */
- aclresult = pg_namespace_aclcheck(namespaceoid, GetUserId(), ACL_CREATE);
+ aclresult = object_aclcheck(NamespaceRelationId, namespaceoid, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(namespaceoid));
@@ -911,7 +911,7 @@ DefineTSConfiguration(List *names, List *parameters, ObjectAddress *copied)
namespaceoid = QualifiedNameGetCreationNamespace(names, &cfgname);
/* Check we have creation rights in target namespace */
- aclresult = pg_namespace_aclcheck(namespaceoid, GetUserId(), ACL_CREATE);
+ aclresult = object_aclcheck(NamespaceRelationId, namespaceoid, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(namespaceoid));
diff --git a/src/backend/commands/typecmds.c b/src/backend/commands/typecmds.c
index b7e0194d236..ecc8b3f44c9 100644
--- a/src/backend/commands/typecmds.c
+++ b/src/backend/commands/typecmds.c
@@ -222,7 +222,7 @@ DefineType(ParseState *pstate, List *names, List *parameters)
#ifdef NOT_USED
/* XXX this is unnecessary given the superuser check above */
/* Check we have creation rights in target namespace */
- aclresult = pg_namespace_aclcheck(typeNamespace, GetUserId(), ACL_CREATE);
+ aclresult = object_aclcheck(NamespaceRelationId, typeNamespace, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(typeNamespace));
@@ -733,7 +733,7 @@ DefineDomain(CreateDomainStmt *stmt)
&domainName);
/* Check we have creation rights in target namespace */
- aclresult = pg_namespace_aclcheck(domainNamespace, GetUserId(),
+ aclresult = object_aclcheck(NamespaceRelationId, domainNamespace, GetUserId(),
ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_SCHEMA,
@@ -781,7 +781,7 @@ DefineDomain(CreateDomainStmt *stmt)
errmsg("\"%s\" is not a valid base type for a domain",
TypeNameToString(stmt->typeName))));
- aclresult = pg_type_aclcheck(basetypeoid, GetUserId(), ACL_USAGE);
+ aclresult = object_aclcheck(TypeRelationId, basetypeoid, GetUserId(), ACL_USAGE);
if (aclresult != ACLCHECK_OK)
aclcheck_error_type(aclresult, basetypeoid);
@@ -1149,7 +1149,7 @@ DefineEnum(CreateEnumStmt *stmt)
&enumName);
/* Check we have creation rights in target namespace */
- aclresult = pg_namespace_aclcheck(enumNamespace, GetUserId(), ACL_CREATE);
+ aclresult = object_aclcheck(NamespaceRelationId, enumNamespace, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(enumNamespace));
@@ -1369,7 +1369,7 @@ DefineRange(ParseState *pstate, CreateRangeStmt *stmt)
&typeName);
/* Check we have creation rights in target namespace */
- aclresult = pg_namespace_aclcheck(typeNamespace, GetUserId(), ACL_CREATE);
+ aclresult = object_aclcheck(NamespaceRelationId, typeNamespace, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(typeNamespace));
@@ -2341,7 +2341,7 @@ findRangeCanonicalFunction(List *procname, Oid typeOid)
func_signature_string(procname, 1, NIL, argList))));
/* Also, range type's creator must have permission to call function */
- aclresult = pg_proc_aclcheck(procOid, GetUserId(), ACL_EXECUTE);
+ aclresult = object_aclcheck(ProcedureRelationId, procOid, GetUserId(), ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_FUNCTION, get_func_name(procOid));
@@ -2384,7 +2384,7 @@ findRangeSubtypeDiffFunction(List *procname, Oid subtype)
func_signature_string(procname, 2, NIL, argList))));
/* Also, range type's creator must have permission to call function */
- aclresult = pg_proc_aclcheck(procOid, GetUserId(), ACL_EXECUTE);
+ aclresult = object_aclcheck(ProcedureRelationId, procOid, GetUserId(), ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, OBJECT_FUNCTION, get_func_name(procOid));
@@ -3748,7 +3748,7 @@ AlterTypeOwner(List *names, Oid newOwnerId, ObjectType objecttype)
check_is_member_of_role(GetUserId(), newOwnerId);
/* New owner must have CREATE privilege on namespace */
- aclresult = pg_namespace_aclcheck(typTup->typnamespace,
+ aclresult = object_aclcheck(NamespaceRelationId, typTup->typnamespace,
newOwnerId,
ACL_CREATE);
if (aclresult != ACLCHECK_OK)
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-07 10:31:06 +0000