From 6dc249610a87aa8b9dcc8baf4e64d2e14d02f548 Mon Sep 17 00:00:00 2001 From: Peter Eisentraut Date: Wed, 6 Sep 2000 14:15:31 +0000 Subject: Code cleanup of user name and user id handling in the backend. The current user is now defined in terms of the user id, the user name is only computed upon request (for display purposes). This is kind of the opposite of the previous state, which would maintain the user name and compute the user id for permission checks. Besides perhaps saving a few cycles (integer vs string), this now creates a single point of attack for changing the user id during a connection, for purposes of "setuid" functions, etc. --- src/backend/commands/command.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) (limited to 'src/backend/commands/command.c') diff --git a/src/backend/commands/command.c b/src/backend/commands/command.c index 97b3563d9fc..054b76e480d 100644 --- a/src/backend/commands/command.c +++ b/src/backend/commands/command.c @@ -8,7 +8,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/commands/Attic/command.c,v 1.97 2000/08/29 04:20:43 momjian Exp $ + * $Header: /cvsroot/pgsql/src/backend/commands/Attic/command.c,v 1.98 2000/09/06 14:15:16 petere Exp $ * * NOTES * The PerformAddAttribute() code, like most of the relation @@ -308,7 +308,7 @@ AlterTableAddColumn(const char *relationName, elog(ERROR, "ALTER TABLE: relation \"%s\" is a system catalog", relationName); #ifndef NO_SECURITY - if (!pg_ownercheck(UserName, relationName, RELNAME)) + if (!pg_ownercheck(GetUserId(), relationName, RELNAME)) elog(ERROR, "ALTER TABLE: permission denied"); #endif @@ -523,7 +523,7 @@ AlterTableAlterColumn(const char *relationName, elog(ERROR, "ALTER TABLE: relation \"%s\" is a system catalog", relationName); #ifndef NO_SECURITY - if (!pg_ownercheck(UserName, relationName, RELNAME)) + if (!pg_ownercheck(GetUserId(), relationName, RELNAME)) elog(ERROR, "ALTER TABLE: permission denied"); #endif @@ -935,7 +935,7 @@ AlterTableDropColumn(const char *relationName, elog(ERROR, "ALTER TABLE: relation \"%s\" is a system catalog", relationName); #ifndef NO_SECURITY - if (!pg_ownercheck(UserName, relationName, RELNAME)) + if (!pg_ownercheck(GetUserId(), relationName, RELNAME)) elog(ERROR, "ALTER TABLE: permission denied"); #endif @@ -1095,7 +1095,7 @@ AlterTableAddConstraint(char *relationName, elog(ERROR, "ALTER TABLE / ADD CONSTRAINT passed invalid constraint."); #ifndef NO_SECURITY - if (!pg_ownercheck(UserName, relationName, RELNAME)) + if (!pg_ownercheck(GetUserId(), relationName, RELNAME)) elog(ERROR, "ALTER TABLE: permission denied"); #endif @@ -1484,7 +1484,7 @@ AlterTableCreateToastTable(const char *relationName, bool silent) * permissions checking. XXX exactly what is appropriate here? */ #ifndef NO_SECURITY - if (!pg_ownercheck(UserName, relationName, RELNAME)) + if (!pg_ownercheck(GetUserId(), relationName, RELNAME)) elog(ERROR, "ALTER TABLE: permission denied"); #endif @@ -1723,9 +1723,9 @@ LockTableCommand(LockStmt *lockstmt) rel = heap_openr(lockstmt->relname, NoLock); if (lockstmt->mode == AccessShareLock) - aclresult = pg_aclcheck(lockstmt->relname, GetPgUserName(), ACL_RD); + aclresult = pg_aclcheck(lockstmt->relname, GetUserId(), ACL_RD); else - aclresult = pg_aclcheck(lockstmt->relname, GetPgUserName(), ACL_WR); + aclresult = pg_aclcheck(lockstmt->relname, GetUserId(), ACL_WR); if (aclresult != ACLCHECK_OK) elog(ERROR, "LOCK TABLE: permission denied"); -- cgit v1.2.3