diff options
| author | Bruce Momjian <bruce@momjian.us> | 2000-06-09 15:51:02 +0000 |
|---|---|---|
| committer | Bruce Momjian <bruce@momjian.us> | 2000-06-09 15:51:02 +0000 |
| commit | 85add42a570cdb4be2d674e62535eb54b4dcd5cf (patch) | |
| tree | dbf157f4e38ff97df572bda2244d7280338bf541 /src/backend/commands/creatinh.c | |
| parent | a672e9650abcc9a08df06dd075a884543f3d87f3 (diff) | |
I have large database and with this DB work more users and I very need
more restriction for fretful users. The current PG allow define only
NO-CREATE-DB and NO-CREATE-USER restriction, but for some users I need
NO-CREATE-TABLE and NO-LOCK-TABLE.
This patch add to current code NOCREATETABLE and NOLOCKTABLE feature:
CREATE USER username
[ WITH
[ SYSID uid ]
[ PASSWORD 'password' ] ]
[ CREATEDB | NOCREATEDB ] [ CREATEUSER | NOCREATEUSER ]
-> [ CREATETABLE | NOCREATETABLE ] [ LOCKTABLE | NOLOCKTABLE ]
...etc.
If CREATETABLE or LOCKTABLE is not specific in CREATE USER command,
as default is set CREATETABLE or LOCKTABLE (true).
A user with NOCREATETABLE restriction can't call CREATE TABLE or
SELECT INTO commands, only create temp table is allow for him.
Karel
Diffstat (limited to 'src/backend/commands/creatinh.c')
| -rw-r--r-- | src/backend/commands/creatinh.c | 22 |
1 files changed, 20 insertions, 2 deletions
diff --git a/src/backend/commands/creatinh.c b/src/backend/commands/creatinh.c index f33d301ded2..4d52b9aad76 100644 --- a/src/backend/commands/creatinh.c +++ b/src/backend/commands/creatinh.c @@ -9,9 +9,9 @@ * * IDENTIFICATION <<<<<<< creatinh.c - * $Header: /cvsroot/pgsql/src/backend/commands/Attic/creatinh.c,v 1.59 2000/06/09 01:44:03 momjian Exp $ + * $Header: /cvsroot/pgsql/src/backend/commands/Attic/creatinh.c,v 1.60 2000/06/09 15:50:43 momjian Exp $ ======= - * $Header: /cvsroot/pgsql/src/backend/commands/Attic/creatinh.c,v 1.59 2000/06/09 01:44:03 momjian Exp $ + * $Header: /cvsroot/pgsql/src/backend/commands/Attic/creatinh.c,v 1.60 2000/06/09 15:50:43 momjian Exp $ >>>>>>> 1.58 * *------------------------------------------------------------------------- @@ -26,8 +26,10 @@ #include "catalog/pg_inherits.h" #include "catalog/pg_ipl.h" #include "catalog/pg_type.h" +#include "catalog/pg_shadow.h" #include "commands/creatinh.h" #include "utils/syscache.h" +#include "miscadmin.h" /* ---------------- * local stuff @@ -63,6 +65,22 @@ DefineRelation(CreateStmt *stmt, char relkind) int i; AttrNumber attnum; + if (!stmt->istemp) { + HeapTuple tup; + + /* ---------- + * Check pg_shadow for global createTable setting + * ---------- + */ + tup = SearchSysCacheTuple(SHADOWNAME, PointerGetDatum(GetPgUserName()), 0, 0, 0); + + if (!HeapTupleIsValid(tup)) + elog(ERROR, "CREATE TABLE: look at pg_shadow failed"); + + if (!((Form_pg_shadow) GETSTRUCT(tup))->usecreatetable) + elog(ERROR, "CREATE TABLE: permission denied"); + } + if (strlen(stmt->relname) >= NAMEDATALEN) elog(ERROR, "the relation name %s is >= %d characters long", stmt->relname, NAMEDATALEN); |